*/
if (!function_exists('staffLoginPage')) {
//Ajax interface can pre-declare the function to trap expired sessions.
function staffLoginPage($msg)
{
global $ost, $cfg;
$_SESSION['_staff']['auth']['dest'] = '/' . ltrim($_SERVER['REQUEST_URI'], '/');
$_SESSION['_staff']['auth']['msg'] = $msg;
require SCP_DIR . 'login.php';
exit;
}
}
$thisstaff = new StaffSession($_SESSION['_staff']['userID']);
//Set staff object.
//1) is the user Logged in for real && is staff.
if (!$thisstaff->getId() || !$thisstaff->isValid()) {
if (isset($_SESSION['_staff']['auth']['msg'])) {
$msg = $_SESSION['_staff']['auth']['msg'];
unset($_SESSION['_staff']['auth']['msg']);
} elseif (isset($_SESSION['_staff']['userID']) && !$thisstaff->isValid()) {
$msg = 'Session timed out due to inactivity';
} else {
$msg = 'Authentication Required';
}
staffLoginPage($msg);
exit;
}
//2) if not super admin..check system status and group status
if (!$thisstaff->isAdmin()) {
//Check for disabled staff or group!
if (!$thisstaff->isactive() || !$thisstaff->isGroupActive()) {
